matrix-synapse: Add persistence

2020-08-08 20:38:36 +02:00 · 2020-08-08 20:38:36 +02:00 · 414338d47a
commit 414338d47a
parent 5917a8eefc
5 changed files with 67 additions and 10 deletions
--- a/charts-wip/matrix-synapse/templates/deployment.yaml
+++ b/charts-wip/matrix-synapse/templates/deployment.yaml
@ -90,6 +90,8 @@ spec:
              mountPath: /synapse/secrets
            - name: signingkey
              mountPath: /synapse/keys
+            - name: media
+              mountPath: /synapse/data
          resources:
            {{- toYaml .Values.resources | nindent 12 }}
      volumes:
@ -107,6 +109,20 @@ spec:
                path: signing.key
        - name: tmpconf
          emptyDir: {}
+        - name: media
+
+        {{- $mediaworker := false }}
+        {{- range $worker, $config := .Values.workers }}
+          {{- if eq $worker "media-repository" }}
+            {{- $mediaworker = true }}
+          {{- end }}
+        {{- end }}
+        {{- if and .Values.persistence.enabled (not $mediaworker) }}
+          persistentVolumeClaim:
+            claimName: {{ default .Values.persistence.existingClaim (include "matrix-synapse.fullname" .) }}
+        {{- else }}
+          emptyDir: {}
+        {{- end }}
      {{- with .Values.nodeSelector }}
      nodeSelector:
        {{- toYaml . | nindent 8 }}
@ -236,8 +252,12 @@ spec:
          emptyDir: {}
      {{- if eq $name "media-repository" }}
        - name: media
+        {{- if $.Values.persistence.enabled }}
          persistentVolumeClaim:
-            claimName: 
+            claimName: {{ default $.Values.persistence.existingClaim (include "matrix-synapse.fullname" $) }}
+        {{- else }}
+          emptyDir: {}
+        {{- end }}
      {{- end }}
      {{- with $config.volumes }}
        {{ . | toYaml | nindent 8 }}
--- a/charts-wip/matrix-synapse/templates/ingress.yaml
+++ b/charts-wip/matrix-synapse/templates/ingress.yaml
@ -27,10 +27,9 @@ spec:
  {{- end }}
 {{- end }}
  rules:
-  {{- if default .Values.ingress.includeServerName true }}
-    {{- $hosts := concat (list .Values.config.serverName) .Values.ingress.hosts }}
-  {{- else }}
  {{- $hosts := .Values.ingress.hosts }}
+  {{- if default .Values.ingress.includeServerName true }}
+    {{- $hosts = concat (list .Values.config.serverName) $hosts }}
  {{- end }}
  {{- range $hosts }}
    - host: {{ . | quote }}
--- a/charts-wip/matrix-synapse/templates/pvc.yaml
+++ b/charts-wip/matrix-synapse/templates/pvc.yaml
@ -0,0 +1,22 @@
+{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}}
+kind: PersistentVolumeClaim
+apiVersion: v1
+metadata:
+  name: {{ template "matrix-synapse.fullname" . }}
+  labels:
+    {{- include "matrix-synapse.labels" . | nindent 4 }}
+spec:
+  accessModes:
+    - {{ .Values.persistence.accessMode | quote }}
+  resources:
+    requests:
+      storage: {{ .Values.persistence.size | quote }}
+{{- if .Values.persistence.storageClass }}
+{{- if (eq "-" .Values.persistence.storageClass) }}
+  storageClassName: ""
+{{- else }}
+  storageClassName: "{{ .Values.persistence.storageClass }}"
+{{- end }}
+{{- end }}
+{{- end -}}
+
--- a/charts-wip/matrix-synapse/templates/signing-key-job.yaml
+++ b/charts-wip/matrix-synapse/templates/signing-key-job.yaml
@ -1,4 +1,7 @@
-{{- if and .Values.signingkey.job.enabled (not .Values.signingkey.existingSecret) }}
+{{- if .Values.signingkey.job.enabled }}
+{{- if .Values.signingkey.existingSecret }}
+{{- fail "Can't specify both signingkey.job.enabled and signingkey.existingSecret" }}
+{{- end }}
 {{- $name := include "matrix-synapse.workername" (dict "global" . "worker" "signingkey-job") }}
 ---
 apiVersion: v1
@ -46,6 +49,7 @@ metadata:
    component: job
    job: signing-key-generation
 spec:
+  ttlSecondsAfterFinished: 0
  template:
    metadata:
      labels:
@ -67,8 +71,8 @@ spec:
          name: signing-key-generate
          resources:
            requests:
-              memory: 10Mi
-              cpu: 10m
+              memory: 25Mi
+              cpu: 100m
            limits:
              memory: 25Mi
              cpu: 100m
@ -93,8 +97,8 @@ spec:
          name: signing-key-upload
          resources:
            requests:
-              memory: 10Mi
-              cpu: 10m
+              memory: 50Mi
+              cpu: 100m
            limits:
              memory: 50Mi
              cpu: 100m
@ -105,7 +109,6 @@ spec:
            - mountPath: /synapse/keys
              name: matrix-synapse-keys
              readOnly: true
-      restartPolicy: Never
      serviceAccount: {{ $name }}
      volumes:
        - name: scripts
--- a/charts-wip/matrix-synapse/values.yaml
+++ b/charts-wip/matrix-synapse/values.yaml
@ -110,6 +110,19 @@ externalRedis:
  port: 6379
  # password: synapse

+# Persistence configuration for the media repository.
+# This PVC will be mounted in either Synapse or a media_repo worker.
+#
+# NB; If you want to be able to scale this, you will have to set the
+# accessMode to RWX/ReadWriteMany.
+persistence:
+  enabled: true
+  # existingClaim: synapse-data
+
+  # storageClass: "-"
+  accessMode: ReadWriteOnce
+  size: 10Gi
+
 # Configuration for handling Synapse workers, which are useful for handling
 # high-load deployments.
 # More information is available at;